A wired Local Area Network (LAN) is generally a broadcast network, so data transmitted from one node can be received by any other node. All nodes of the network share a channel, which creates significant security risks on the network. Any attacker with access to the network can capture all the data packets on it and steal key information simply by listening.
In the prior art, a LAN in accordance with the national specification GB/T 15629.3 (corresponding to IEEE 802.3 or ISO/IEC 8802-3) provides no method for maintaining the confidentiality of data. To protect Ethernet, IEEE 802.1AE provides a data encryption protocol, specifically a hop-by-hop encryption measure, to realize secure data transmission between network nodes. However, this hop-by-hop encryption measure imposes a huge computational load on the switching devices in the LAN and may invite attacks on those switching devices; moreover, the delay in transmitting a data packet from the transmitting node to the destination node is increased, and the transmission efficiency of the network is degraded.
A wired LAN has a complex topological structure and involves a large number of nodes, so data communication in the network is also complex. In order to select a secure communication method flexibly according to the network topology between two communicating parties in a LAN, a mechanism for obtaining the network topology between those parties is desired.